package com.thd.springboottest.xss.web;

import com.thd.springboottest.xss.vo.MyVo;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

/**
 * com.thd.springboottest.xss.web.XssController
 *
 * <p>Test endpoints for observing how request input containing markup arrives at a
 * handler. Each handler prints the bound value to standard output and replies with the
 * constant string {@code "success"}; this class never writes the submitted value into
 * the response.
 *
 * <p>NOTE(review): no sanitising or escaping happens in this class. Any XSS filtering is
 * presumably done by a filter or message converter configured elsewhere, so the printed
 * value is what that layer produced. Confirm against the project configuration.
 *
 * <p>The mappings do not restrict the HTTP method, so Spring matches every method for
 * both paths.
 *
 * @author: wanglei62
 * @DATE: 2022/8/17 17:11
 **/
@RequestMapping("/xss")
@Controller
public class XssController {

    /** Fixed response body returned by every handler in this controller. */
    private static final String SUCCESS = "success";

    /**
     * Prints the required {@code name} request parameter and returns {@code "success"}.
     *
     * <p>Sample request: {@code http://127.0.0.1:8899/thd/xss/testParam?name=<script>}
     *
     * <p>The parameter is printed exactly as bound. If standard output is collected as an
     * application log, line breaks in the value would show up as extra log lines; outside
     * a test fixture, neutralise CR/LF before logging request-controlled text.
     *
     * @param name value of the {@code name} query or form parameter
     * @return the literal {@code "success"}
     */
    @ResponseBody
    @RequestMapping("/testParam")
    public String testParam(@RequestParam String name) {
        System.out.println(name);
        return SUCCESS;
    }

    /**
     * Prints the request body after it has been bound to {@link MyVo} and returns
     * {@code "success"}.
     *
     * <p>Sample request: {@code http://127.0.0.1:8899/thd/xss/testRequestBody} with body
     * <pre>{@code
     * {
     *     "name":"<b>zhangsan</b>",
     *     "description":"世界你好"
     * }
     * }</pre>
     *
     * <p>The printed text is whatever {@code MyVo.toString()} yields, and that
     * implementation is not visible here.
     *
     * @param myVo request body deserialised by Spring
     * @return the literal {@code "success"}
     */
    @ResponseBody
    @RequestMapping("/testRequestBody")
    public String testRequestBody(@RequestBody MyVo myVo) {
        // Same text println(Object) would emit; spelled out to show the toString() dependency.
        String rendered = String.valueOf(myVo);
        System.out.println(rendered);
        return SUCCESS;
    }
}
